Add Facebook login and appease Rubocop.add-csp-overrides

author: Connor Shea <connor.james.shea@gmail.com> 2016-07-20 13:30:13 -0600
committer: Connor Shea <connor.james.shea@gmail.com> 2016-07-20 13:30:13 -0600
commit: a637f1a70c2246111762e8d1da2eb3c8f9ef25e8 (patch)
tree: 9da10015f1f1bf634b196640ae72f66d01a8335a
parent: a6d0ab4930b1ee0069d6bc4d61e7f35f6907a9e2 (diff)
download: gitlab-ce-add-csp-overrides.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/config/initializers/secure_headers.rb b/config/initializers/secure_headers.rb
index 67bd0109ffc..298e46c2df5 100644
--- a/config/initializers/secure_headers.rb
+++ b/config/initializers/secure_headers.rb
@@ -97,7 +97,6 @@ SecureHeaders::Configuration.default do |config|
     config.csp[:script_src] << "https://www.google-analytics.com"
   end
 
-
   # Allow connecting accounts to Twitter, Google, GitLab.com, Bitbucket, and GitHub.
   if Gitlab.config.omniauth.enabled
     config.csp[:form_action] << "api.twitter.com"
@@ -105,6 +104,7 @@ SecureHeaders::Configuration.default do |config|
     config.csp[:form_action] << "gitlab.com"
     config.csp[:form_action] << "bitbucket.org"
     config.csp[:form_action] << "github.com"
+    config.csp[:form_action] << "facebook.com"
   end
 end
author	Connor Shea <connor.james.shea@gmail.com>	2016-07-20 13:30:13 -0600
committer	Connor Shea <connor.james.shea@gmail.com>	2016-07-20 13:30:13 -0600
commit	a637f1a70c2246111762e8d1da2eb3c8f9ef25e8 (patch)
tree	9da10015f1f1bf634b196640ae72f66d01a8335a
parent	a6d0ab4930b1ee0069d6bc4d61e7f35f6907a9e2 (diff)
download	gitlab-ce-add-csp-overrides.tar.gz